Email Threat Screener

Identify and respond to email threats faster with Automation

With Lucy’s Mail Screener you can easily spot, analyze and automatically delete or quarantine phishing emails. Significantly enhance your security analysts’ work by reducing the Mean Times to Detect, Acknowledge and Contain attacks and by eliminating false-positive alerts.

Automate Your Email Threat Analysis

Quickly manage phish attempts that bypassed your spam filter

Complete Data Security

3rd Party Integrations

Drastically reduces mean time to detect (MTTD)

Faster mean time to acknowledge (MTTA)

Faster mean time to contain (MTTC)

Drastically reduces False-Positive Rate of Alerts

The problem: Phishing mails continue to bypass your spam filters
Even the best filters cannot stop malicious mails from popping up in your inbox. Although the vast majority of phishing mails will be caught, there will always be mails that know how to bypass these filters. And often times it is precisely these emails that pose a real threat!

Report suspicious mails using the LUCY Phishing Incident Plug-In
Consequentially, it is crucial to implement security awareness measures in your company to train your employees to effectively detect phishing mails and report them using a Phish Alert Button. An efficient security awareness training consists of

  • phishing simulations
  • entertaining training modules like videos and game-based trainings
  • a reporting system that tracks your employees’ progress over time

Efficiently manage reported phish
Once your users report a phish instance, the IT Security Analysts can begin investigating: Is the reported phish really a phish? What should be done with the reported phish? And how can future similar threats automatically be quarantined or deleted?

LUCY’s Email Threat Screener (ETS) assists your security team by identifying threats and responding to them quickly. Create rules based on the reported phishing emails and such that identify real threats fast. Decide on actions for incoming phish and automatically delete or quarantine any threats. Streamline your IT team’s work by radically reducing the incident response time and number of false-positive alerts.

How it works

The LUCY Email Threat Screener

With LUCY’s Email Threat Screener you can easily spot, analyze and automatically delete or quarantine phishing emails. Significantly enhance your security analysts’ work by reducing the Mean Times to Detect, Acknowledge and Contain attacks and by eliminating false-positive alerts.

Easy Rule Creation

Use built-in YARA rules or create custom rules for tagging reported phish and decide on automatic actions for handling these.

Seamless Integration with
LUCY’s Phish Button

Full Integration with LUCY’s Phishing Incident Plug-In. Emails are forwarded to the Screener. Alternatively also to a dedicated mailbox.

Keep your most private data private

If you prefer not to send your confidential E-Mail communication to a system in the internet. You have the option to install LUCY’s E-Mail Threat Screener (ETS) on your own premises. This allows you to keep your and your customers E-Mail data completely secure.

FEATURE LIST

Features

EASY YARA RULE MANAGEMENT

Create your own or use built-in YARA Rules using the simple visual editor.

ANALYSIS & PRIORIZATION ENGINE

Automatically analyze Mail Headers, Body, URLs and Domains

LUCY’S PHISHING INCIDENT PLUGIN

Report suspicious E-mail Messages by sending them to the LUCY Email Threat Screener for further automated analysis and human in depth Inspection if needed. Alternatively send it to a dedicated Mailbox or Sandbox System.
Seamless integration with Lucy’s Email Add-in Button.

MESSAGE PREVIEWER

Preview email as a screenshot without clickable links.

EVENT AUTORESPONDER

Automatically respond to the user who reported an incident.

EVENT FILTER

Filter unresolved events and process them – set resolution and status.

EVENT EXPIRATION

Due dates system notifications for incoming events.

USER REPUTATION UPDATER

Integration with LUCY for simulation reports.

ON-PREMISE OPTION

Installable software; no Emails are shared with the software provider.

FURTHER FUNCTIONS

FALSE POSITIVE ELIMINATOR

Detect and automatically resolve all irrelevant events that pose no threat to a company.

EVENT CLUSTERING

Perform cluster analysis of incoming email content and detect similar patterns that may comprise a single continuous or a long repeating attack.

REMEDIATION ENGINE

The system selects emails with similar subjects and from similar senders and may delete them, create a JIRA task, block all URLs or domains.

SCANNING ENGINES INTEGRATION

Easy integration with external scanning engines (e.g.Virustotal, Safebrowsing, phishtank, URLhaus).

API INTEGRATION

Integration with Splunk, Jira, SOC, SIEM and others.

INCIDENT PLUGIN FOR BROWSERS

Report phishing websites or links right from Edge, Firefox, Chrome or Safari.

ANALYST ROLES

Different user roles: Viewer, Analyst, Admin.

TEMPLATE CONVERTER

Turn any real phishing event into a Lucy template for training users.